-
The following libraries need to be upgrade to remove webpa-common as a indirect dependency
- candlelight
-
## CVE-2022-41723 - High Severity Vulnerability
Vulnerable Library - golang.org/x/net-v0.5.0
Library home page: https://proxy.golang.org/golang.org/x/net/@v/v0.5.0.zip
Dependency Hierarchy:
- g…
-
Looks like tr1d1um used to leverage this as its health check
https://github.com/xmidt-org/webpa-common/blob/0e73a726eae0203d6a4c9d84b462c11235040e96/health/health.go#L150-L169
now it returns an em…
-
## CVE-2022-32149 - High Severity Vulnerability
Vulnerable Library - golang.org/x/text-v0.3.7
Library home page: https://proxy.golang.org/golang.org/x/text/@v/v0.3.7.zip
Dependency Hierarchy:
-…
-
In general, we want to transition our applications over to the [uber fx](https://github.com/uber-go/fx) framework. Since tr1d1um is relatively small and straightforward, we want to start here. This …
-
The WebSocket connection is closed after `idlePeriod` when increasing `idlePeriod` and `pingPeriod`. I'm not sure if this is an issue with Talaria or Parodus, but I'm starting here.
I started with …
-
## CVE-2022-32149 - High Severity Vulnerability
Vulnerable Library - golang.org/x/text-v0.3.7
Library home page: https://proxy.golang.org/golang.org/x/text/@v/v0.3.7.zip
Dependency Hierarchy:
-…
-
## CVE-2022-28948 - Medium Severity Vulnerability
Vulnerable Library - github.com/go-yaml/yaml-v2.4.0
YAML support for the Go language.
Dependency Hierarchy:
- github.com/xmidt-org/webpa-common/…
-
## CVE-2022-29526 - Medium Severity Vulnerability
Vulnerable Library - github.com/hashicorp/go-sockaddr-v1.0.2
IP Address/UNIX Socket convenience functions for Go
Dependency Hierarchy:
- github.…
-
## CVE-2022-28948 - High Severity Vulnerability
Vulnerable Library - github.com/go-yaml/yaml-v3.0.0
YAML support for the Go language.
Dependency Hierarchy:
- github.com/stretchr/testify/require-…